Question No: 31

Internet access is required from virtual machines located on any logical switch Direct access from the internet to these virtual machines is NOT permitted

Which perimeter NSX Edge feature would achieve this with the least configuration?

LB

VPN

SNAT

DNAT

Answer: D

Question No: 32

What is true when configuring vSphere Distributed Switches (vDS)?

All configurations are done by the vCenter Server. Each ESXi host can be part of multiple vDS.

All configurations are done by the vCenter Server. Each ESXi host can be part of only one vDS.

All configurations are done by the NSX Manager. Each ESXi host can be part of only one vDS.

All configurations are done by the NSX Manager. Each ESXi host can be part of multiple vDS.

Answer: A

Question No: 33

Where does an administrator configure logging for the NSX Manager?

In the vSphere Web Client

In the NSX Manager GUI

In the NSX Manager command line interface (CLI)

In the vSphere Syslog Collector

Answer: B

Question No: 34

Exhibit:

Which would best describe a workload in Compute Cluster 1 attached to a logical switch port group?

Within Compute Cluster 1, Layer 2 would function, but Layer 3 would fail.

Within Compute Cluster 1, Layer 2 would fail, and Layer 3 would fail.

Within ComputeCluster 1, Layer 2 would fail, but Layer 3 would function.

Within Compute Cluster 1, Layer 2 would function, and Layer 3 would function.

Answer: A Explanation:

This has an interesting side effect: if you didn’t add all clusters of a given DVS to the TZ, those clusters you haven’t added will still have access to that Logical Switch. Let’s have a look at the following diagram:

From lt;https://telecomoccasionally.wordpress.com/2014/12/27/nsx-for-vsphere-

understanding-transport-zone-scoping/gt;

his means that in out hypothetical case, if we were to create a DLR and connect to it that LS we’ve created earlier, DLR instance would get created on hosts in clusters Comp B and Mgmt / Edge, but not on hosts in cluster Comp A:

From lt;https://telecomoccasionally.wordpress.com/2014/12/27/nsx-for-vsphere- understanding-transport-zone-scoping/

Question No: 35

Which NSX routing protocols offers the most flexible policy control when peering with the physical environment?

BGP

OSPF

ISIS

EIGRP

Answer: A

Explanation: Both the NSX DLR and the NSX ESG support OSPF and BGP. The primary difference between these routing protocols is the level of control on routes propagation and attribute manipulations they allow, with BGP being the more flexible of the two. The concept of an Autonomous System (AS), defined as a group of routers under the same administrative domain, comes also into play. Routing inside an AS is usually done via an IGP (e.g., OSPF) while routing between Autonomous Systems is done via an EGP (e.g., BGP).

Question No: 36

An administrator is deploying NSX in a Cross-vCenter configuration across three data centers located 100 miles apart Datacenter-1 and Datacenter-3 already have NSX deployed locally and Datacenter-2 does not have NSX deployed yet.

What is the correct order of steps to configure all three data centers for this solution?

1 Remove the NSX manager from Datacenter-1 and Datacenter-3 2 Reinstall all three NSX managers at the same time

Deploy a universal transport zone

Deploy a universal distributed logical router

1 Deploy an NSX manager at Dataeenter-2

Change the roles of the NSX managers in Datacentar-1 and Datacent芦r-3 to Transit Mod*

Deploy a universal transport zone

Configure the Primary and Secondary roles on all three NSX managers

1 Deploy an NSX manager in Datacenter 2

Update the NSX manager role in Oatacenter-1 to Primary

Update the roles in Dafacent芦r-2 and Datacentar-3 to Secondary 4 Deploy a universal transport zone

1 Deploy the NSX manager at Datacenter-2

2 Update the NSX manager role in Datacenter-1 to Primary 3 Deploy a universal transport zone

4 Deploy a universal distributed logical router

Answer: D

Question No: 37

If the Applied To scope is set to Distributed Firewall, which virtual machines with have the firewall rule applied?